<?php
# MantisBT - a php based bugtracking system

# MantisBT is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# MantisBT is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.

	/**
	 * @package MantisBT
	 * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
	 * @copyright Copyright (C) 2002 - 2010  MantisBT Team - mantisbt-dev@lists.sourceforge.net
	 * @link http://www.mantisbt.org
	 */
	 /**
	  * MantisBT Core API's
	  */
	require_once( 'core.php' );
	require_once( 'current_user_api.php' );
	require_once( 'compress_api.php' );
	require_once( 'filter_api.php' );
	require_once( 'last_visited_api.php' );

	# Require a logged-in user before anything is rendered.
	# NOTE(review): this is the only access check visible in the file; the
	# branches further down that edit, reassign and delete customer-care rows
	# do not test an access level of their own.
	auth_ensure_user_authenticated();

	$t_current_user_name = current_user_get_field( 'username' );
	$t_current_real_name = current_user_get_field( 'realname' );
	
	# Improve performance by caching category data in one pass
	category_get_all_rows( helper_get_current_project() );

	compress_enable();

	# don't index my view page
	html_robots_noindex();

	html_page_top1( lang_get( 'my_view_link' ) );

	# Optional auto-refresh: the user's refresh_delay preference is multiplied
	# by 60 before being handed to the meta redirect (presumably minutes to
	# seconds; confirm against the preference definition).
	# NOTE(review): the target is my_view_page.php, while the branches below
	# redirect to view_care_report.php; confirm that is intended.
	if ( current_user_get_pref( 'refresh_delay' ) > 0 ) {
		html_meta_redirect( 'my_view_page.php', current_user_get_pref( 'refresh_delay' )*60 );
	}

	html_page_top2();

	print_recently_visited();

	# The values below are set up here but are not read again in the part of
	# the file shown; they look like leftovers from the page this was copied from.
	$f_page_number		= gpc_get_int( 'page_number', 1 );

	$t_per_page = config_get( 'my_view_bug_count' );
	$t_bug_count = null;
	$t_page_count = null;

	$t_boxes = config_get( 'my_view_boxes' );
	asort ($t_boxes);
	reset ($t_boxes);
	#print_r ($t_boxes);

	$t_project_id = helper_get_current_project();
?>
<br>
<div align="center">
<table border=0 cellspacing="3" cellpadding="0" width=100%>
			<tr>
				<td>
<?php 
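			# Request parameters shared by every branch below.
			#
			# 'id' names the care-report row to act on. It is later placed inside SQL
			# text, HTML attributes and a Location header, so it is forced to an
			# integer here instead of relying on each consumer to escape it. A missing
			# or non-scalar value becomes 0, which matches no row.
			# Branches that re-read $_GET['id'] themselves are not covered by this cast.
			$id = ( isset( $_GET['id'] ) && is_scalar( $_GET['id'] ) ) ? (int) $_GET['id'] : 0;
			# 'do' selects the branch. Anything that is not a plain string (absent,
			# or sent as an array) is treated as "no action".
			$do = ( isset( $_GET['do'] ) && is_string( $_GET['do'] ) ) ? $_GET['do'] : '';
			# Path prefix used when the branches build their redirect targets.
			$header = 'mantis';
			$t_current_user_name = current_user_get_field( 'username' );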
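		# "view" branch: render one customer-care report with its attachments and notes.
		#
		# Everything printed here comes either from the request or from rows that
		# other users typed in, so each value is HTML-escaped on output, attribute
		# values are quoted, and the report id is forced to an integer before it is
		# placed in markup or SQL.
		# NOTE(review): rows saved through the edit form can already contain a
		# literal "<br />" (that form fills its textareas with nl2br() output); such
		# text is now displayed as text instead of being rendered as markup.
		# NOTE(review): apart from the login check at the top of the file, no
		# per-report permission check is visible; any authenticated user can open any id.
		if ($do == 'view')
		{ 
			$id = (int) $id;
			# Default so the note-form check at the bottom is well defined when no report row matches.
			$state = '';
			echo  " <html>
					<head>
					<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
					<title>Seller management Systems</title>
					<link rel='stylesheet' href='css/default.css' type='text/css'>
					<title></title> 
					</head>
					<body>	
					Trung tâm Dịch vụ khách hàng<br>
					================================================================================================
					<table border=0 cellspacing='3' cellpadding='0' width=100%>
								<tr>
									<td align='center'>
									[<a href='?do=addcare' title='Nhập thông tin khách hàng'>Add care</a>] 
									| [<a href='coogle.php?do=search'>Tìm kiếm</a>] 
									| [<a href='?do=atme' title='Khách hàng chuyển tới tôi'>Khách hàng chuyển tới tôi</a>] <br>
									[<a href='?do=viewall' title='Liệt kê danh sách khách hàng'>View all</a>] 
									| [<a href='?do=viewme'>View me</a>] 
									| [<a href='?do=monitor' title='Liệt kê khách hàng đang theo dõi'>View all monitor</a>] 
									| [<a href='?do=recall' title='Liệt kê khách hàng chờ gọi lại'>View all recall</a>] 
									| <a href='?do=viewinc' title='Liệt kê khách hàng gọi đến'>[View Incomming]</a>
									| [<a href='?do=viewout' title='Liệt kê khách hàng gọi đi'>View Outgoing</a>] <br>
									[<a href='?do=creport'>Xuất báo cáo</a>] 
									| [<a href='?do=download'>Download</a>] | 	[<a href='?do=viewagent'>Liệt kê khách hàng Đại lí - CTV</a>]
									</td>
								</tr>
					</table>
					<table border=1 cellspacing=0 cellpadding=0 style='border-collapse:collapse' width=100%> 
						<tr>
							<td>  <b>Viewing Detail report</b> [ <a href='?do=rDetail&id=$id'>Xem dạng kết xuất</a> ]<br><br>    
								<table border=1 bordercolor=black cellspacing=0 cellpadding=0 style='border-collapse:collapse' width=100% bgcolor=#CECEFF class=ttt>  
									<tr>
										<td width=10%>ID</td>
										<td width=15%>Category</td>
										<td width=15%>Chuyên mục</td>
										<td width=15%>Trạng thái</td>
										<td width=15%>Người khởi tạo</td>
										<td width=15%>sTime</td>
										<td width=15%>uTime</td>
									</tr>			
								";
			# Load the report row. $id is an integer here, so it is safe inside the quoted literal.
			$sql = mysql_query('SELECT * FROM mantis_care_report_table WHERE id="'.$id.'"');
			while ($row = mysql_fetch_array($sql))
			{
				# Escape once, at the point the values leave the database row, so every
				# echo below prints text rather than markup.
				$id	= (int) $row['id'];
				$spcode = htmlspecialchars($row['spcode'], ENT_QUOTES, 'UTF-8');
				$name = htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8');
				$phone = htmlspecialchars($row['phone'], ENT_QUOTES, 'UTF-8');
				$email = htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8');
				$sex = htmlspecialchars($row['sex'], ENT_QUOTES, 'UTF-8');
				$address = htmlspecialchars($row['address'], ENT_QUOTES, 'UTF-8');
				$city = htmlspecialchars($row['city'], ENT_QUOTES, 'UTF-8');
				$serial = htmlspecialchars($row['serial'], ENT_QUOTES, 'UTF-8');
				$lo = htmlspecialchars($row['lo'], ENT_QUOTES, 'UTF-8');
				$dt = htmlspecialchars($row['dt'], ENT_QUOTES, 'UTF-8');
				$object = htmlspecialchars($row['object'], ENT_QUOTES, 'UTF-8');
				$status = htmlspecialchars($row['status'], ENT_QUOTES, 'UTF-8');
				$state = htmlspecialchars($row['state'], ENT_QUOTES, 'UTF-8');
				# Escape first, then turn newlines into <br>, so only the <br> tags are markup.
				$confirm = nl2br(htmlspecialchars($row['confirm'], ENT_QUOTES, 'UTF-8'));
				$process = nl2br(htmlspecialchars($row['process'], ENT_QUOTES, 'UTF-8'));
				$receiver = htmlspecialchars($row['receiver'], ENT_QUOTES, 'UTF-8');
				$carer = htmlspecialchars($row['carer'], ENT_QUOTES, 'UTF-8');
				$start_time = (date("d-m-Y H:i",$row['start_time']));
				
				# Report summary row. The class attribute is quoted: escaping alone does
				# not contain a value inside an unquoted attribute.
				echo '
										<tr>
											<td bgcolor=#E8E8E8>'.$id.'</td>
											<td bgcolor=#E8E8E8>'.$object.'</td>
											<td bgcolor=#E8E8E8>'.$status.'</td>
											<td width=10%  class="'.$state.'">'.$state.'</td>
											<td bgcolor=#E8E8E8>'.$carer.'</td>
											<td bgcolor=#E8E8E8>'.$start_time.'</td>';
				
				# Time of the most recent note on this report. A separate row variable is
				# used so the outer report row is not overwritten.
				$query = mysql_query('SELECT MAX(last_updated) FROM mantis_carenote_table WHERE cid="'.$id.'"'); 
				while($t_max_row = mysql_fetch_array($query))
				{
					$last_updated = (date("d-m-Y H:i",$t_max_row['MAX(last_updated)']));
					echo '	<td bgcolor=#E8E8E8>'.$last_updated.'</td>';
				}					
				echo '</tr>			
									</table>
									<br>	
									
									<table border=1 style="border: 1px solid black; float: left; width: 49%; height: 1em; border-collapse:collapse" class=ttt>
									<tr><td width=20%> 
									Mã khách hàng <br> Tên khách hàng <br> Phone <br> Email <br> 
									Giới tính <br> Địa chỉ <br> Tỉnh/TP <br> 
									Đối tượng <br> Serial/lô</td>
									<td> 
									'.$spcode.'<br>'.$name.'<br>'.$phone.'<br>
									'.$email.'<br>'.$sex.'<br>'.$address.'<br>'.$city.'<br>
									'.$dt.'<br>'.$serial.'/'.$lo.' 
									</td>
									</tr>
									</table>
										
									<table border=1 style="border: 1px solid black; float: right; width: 49%; height: 1em; border-collapse:collapse" class=ttt>
									<tr><td width=20%><b>Người khởi tạo</b></td><td bgcolor=#E8E8E8>'.$carer.'</td></tr>	
									<tr><td><b>Người tiếp nhận</b></td><td bgcolor=#E8E8E8>'.$receiver.'</td></tr>		
									<tr><td><b>Phản hồi</b></td><td>'.$confirm.'</td></tr>
									<tr><td><b>Xử lí</b></td><td>'.$process.'</td></tr>
									</table><br><br><br><br><br><br>
									<br><br>
									<form name="modify" action="?do=edo&id='.$id.'" method="post">
									<button type="edit" name="edit" value="edit">Edit</button>
									<button type="del" name="del" value="del">Del</button>
									</form>
									<form name="modify" action="?do=modify&id='.$id.'" method="post">
									<button type="ast" name="ast" value="ast">Assign to</button>
									<Select name="receiver">
									<option value=em></option>';
				# Candidate receivers: every account with access_level 25.
				# NOTE(review): $seller is not assigned on this code path, so the
				# comparison below only filters out empty usernames; confirm which user
				# was meant to be excluded.
				$req = mysql_query("select username from `mantis_user_table` where access_level='25'");
				while ($t_user_row = mysql_fetch_array($req))
				{
					if ($t_user_row['username'] != $seller)
					{
						$t_username = htmlspecialchars($t_user_row['username'], ENT_QUOTES, 'UTF-8');
						echo'<option value="'.$t_username.'">'.$t_username.'</option>';
					}
				}
				echo '</select>
									<button type="change" name="change" value="change">Change status to</button>
									<Select name="state">
									<option value=complete>complete</option>
									<option value=move>move</option>
									<option value=monitor>monitor</option>
									<option value=recall>recall</option>
									</select></form>';
			}
			echo '			</td>
						</tr>
					</table><br>';
			
			echo '<form action="?do=upload&id='.$id.'" method="post" enctype="multipart/form-data">
								<table border=1 cellpadding=0 cellspacing=0 style="border-collapse:collapse" width=100%><tr><td>
								<b>Upload File [V]<br><br>
								<table border=0 cellpadding=0 cellspacing=0 style="border-collapse:collapse" width=100% bgcolor=#CECEFF>
								<tr><td width=20%>Select File<br>(Maximum size: 5,000k)</td></td><td> <input type="file"  name="ufile" /> <input type="submit" value="Upload file" /></td></tr>
								</table></td></tr></table>
								</form><br>';
			
			# Files already attached to this report.
			echo '
								<table border=1 cellpadding=0 cellspacing=0 style="border-collapse:collapse" width=100% class=ttt><tr><td>
								<b>Attached Files [A]<br><br>
								<table border=0 cellpadding=0 cellspacing=0 style="border-collapse:collapse" width=100% bgcolor=#CECEFF>
								<tr><td width=20%><b>Filename</td><td><b>Date added</td><td><b>User_id</td><td><b>Download/View on site</td></tr>';
			
			$sqlfUp = mysql_query('SELECT  id,filename,file_type,filesize,from_unixtime(date_added), care_id, user_id,folder, new_file_name FROM mantis_care_file_table WHERE care_id="'.$id.'"');
			$b = 1;
			while ($row = mysql_fetch_array($sqlfUp))
			{	
				# Alternate the row background.
				if($b%2==0)  
					{ $sl = '#E1E1E1';}else{ $sl = 'white';}
				# The file name is whatever the uploader's browser sent, so it is escaped
				# like any other user text; the link target goes into a quoted attribute.
				$filename = htmlspecialchars($row['filename'], ENT_QUOTES, 'UTF-8');
				$date_added = htmlspecialchars($row['from_unixtime(date_added)'], ENT_QUOTES, 'UTF-8');
				$user_id = htmlspecialchars($row['user_id'], ENT_QUOTES, 'UTF-8');
				$url = htmlspecialchars(''.$row['folder'], ENT_QUOTES, 'UTF-8');
				echo '<tr><td bgcolor='.$sl.'>'. $filename.'</td><td bgcolor='.$sl.'>'.$date_added.'</td><td bgcolor='.$sl.'>'.$user_id.'</td><td bgcolor='.$sl.'><a href="'.$url.'">Download</a></td></tr>';
				$b++;
			}
			echo '</table></td></tr></table>
								</form><br>
									';
			# Notes other supporters have added to this report, one table per note.
			$sqlnote = mysql_query('SELECT * FROM mantis_carenote_table WHERE cid="'.$id.'"');
			while ($row = mysql_fetch_array($sqlnote))
			{
				$note = nl2br(htmlspecialchars($row['note'], ENT_QUOTES, 'UTF-8'));
				$resolver = htmlspecialchars($row['resolver'], ENT_QUOTES, 'UTF-8');
				$last_updated =(date("d-m-Y H:i",$row['last_updated']));
			
				echo '
										<table border=1 cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100%>
											<tr>
												<td> 
													<table border=1 bordercolor=white cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100% bgcolor=#CECEFF class=ttt>  
														<tr>
															<td width=20% valign=top><b>'.$resolver.'</b><br>'.$last_updated.'</b><br>
															<td valign=top bgcolor=white>'.$note.'</td>
														</tr>	
													</table>
												</td>
											</tr>
										</table>';
			}
			# Back to the id from the request for the note form; cast again because it
			# goes straight into the form's action attribute.
			$id = ( isset( $_GET['id'] ) && is_scalar( $_GET['id'] ) ) ? (int) $_GET['id'] : 0;
			
			# Only reports that are still open (move / monitor / recall) get a reply form.
			if (in_array($state, array('move', 'monitor', 'recall'), true))
			{
				echo '<br><form name="addnote" action="?do=addnote&id='.$id.'" method="post">
					<table border=1 cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100%>
						<tr><td>    
								<table border=1 bordercolor=white cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100% bgcolor=#CECEFF>  
									<tr>
										<td width=20% valign=top><b>Note</b></td>
										<td width=80% align=left><textarea name="note" type="note" cols="90" rows="6"></textarea></td>
									</tr>	
								</table>
								<input name="submit" type="submit" value="Reply">
							</td>
						</tr>
					</table></form>';
			}
			echo '
					</body>
					</html>';
		}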
		
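		# "upload" branch: attach an uploaded log or screenshot to care report $id.
		#
		# What changed and why:
		#  - the upload is read from $_FILES and accepted only when PHP reports it as
		#    a completed HTTP upload (error code + is_uploaded_file), then moved with
		#    move_uploaded_file() instead of copy();
		#  - the stored name stays a bare random number with no part of the client's
		#    file name. That is what the original effectively did (it concatenated a
		#    variable that was not set yet), and it is worth keeping: a client-chosen
		#    extension inside a web-reachable directory would let an uploaded script run;
		#  - an existing file is never overwritten;
		#  - every value placed in the INSERT is escaped, and the report id is an integer;
		#  - the stray debug echo of the file's MD5 is gone (it also preceded header()).
		# NOTE(review): rand() is not a cryptographically strong source, and the view
		# page links straight to this path, so anyone who learns or guesses a name can
		# fetch the file. There is also no server-side size or type check here (the
		# form only advertises "5,000k"), and no anti-CSRF token is verified.
		if ($do == 'upload')
		{
			$id = ( isset( $_GET['id'] ) && is_scalar( $_GET['id'] ) ) ? (int) $_GET['id'] : 0;
			$t_current_user_name = current_user_get_field( 'username' );

			$t_stored = false;
			if ( isset( $_FILES['ufile'] )
				&& is_string( $_FILES['ufile']['tmp_name'] )
				&& $_FILES['ufile']['error'] == UPLOAD_ERR_OK
				&& is_uploaded_file( $_FILES['ufile']['tmp_name'] ) )
			{
				# Pick a random numeric name that is not taken yet.
				do {
					$random_digit = rand(0,99999999999999);
					$new_file_name = (string) $random_digit;
					$path = "upload/".$new_file_name;
				} while ( file_exists( $path ) );

				if ( move_uploaded_file( $_FILES['ufile']['tmp_name'], $path ) )
				{
					$t_stored = true;

					# Client-supplied metadata: kept for display only, never used as a path.
					$theFileName = $_FILES['ufile']['name'];
					$theFileSize = $_FILES['ufile']['size'];
					$theFileType = $_FILES['ufile']['type'];

					# Human-readable size: MB above 999,999 bytes, otherwise KB.
					if ($theFileSize>999999){
						$theDiv = $theFileSize / 1000000;
						$theFileSize = round($theDiv, 1)." MB";
					} else {
						$theDiv = $theFileSize / 1000;
						$theFileSize = round($theDiv, 1)." KB";
					}
					$care_id = $id;
					# $pjcare_id is not assigned anywhere in the visible code; keep the empty value the original inserted.
					$t_pjcare_id = isset( $pjcare_id ) ? $pjcare_id : '';
					$user_id = $t_current_user_name;
					$date_added = time();
					mysql_query("insert into `mantis_care_file_table` 
						(filename,file_type,filesize,date_added,care_id, pjcare_id, user_id, folder, new_file_name) 
						values ('".mysql_real_escape_string($theFileName)."','".mysql_real_escape_string($theFileType)."','".mysql_real_escape_string($theFileSize)."','$date_added','$care_id','".mysql_real_escape_string($t_pjcare_id)."','".mysql_real_escape_string($user_id)."','".mysql_real_escape_string($path)."','".mysql_real_escape_string($new_file_name)."')");
				}
			}

			if ( !$t_stored )
			{
				# Nothing usable was uploaded, or the file could not be moved into place.
				echo '
				<table cellpadding="5" width="80%">
				<tr>
				<td align="Center" colspan="2"><font color="#C80000"><b>File could not be uploaded</b></font></td>
				</tr></table>';
			}
			header("location: /$header/view_care_report.php?do=view&id=$id");
		}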

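		# "modify" branch: apply the state and receiver posted from the report page
		# and record each change in the history table.
		#
		# What changed and why:
		#  - the report id is an integer and every posted value is escaped before it
		#    is placed in SQL (the original interpolated $_POST and $_GET directly);
		#  - the posted state is only written when it is one of the four states the
		#    form offers, replacing four copies of the same UPDATE;
		#  - slashes added by magic_quotes_gpc, where that setting is on, are removed
		#    before escaping so values are not escaped twice.
		# NOTE(review): both selects sit in one form, so either button submits a state
		# and a receiver together; which button was pressed is not looked at. That
		# behaviour is unchanged.
		# NOTE(review): the receiver is not checked against the user list the form was
		# built from, no access level is tested, and no anti-CSRF token is verified.
		if ($do == 'modify')
		{	
			$id = (int) $id;
			$t_post_state = ( isset( $_POST['state'] ) && is_string( $_POST['state'] ) ) ? $_POST['state'] : '';
			$t_post_receiver = ( isset( $_POST['receiver'] ) && is_string( $_POST['receiver'] ) ) ? $_POST['receiver'] : '';
			if ( get_magic_quotes_gpc() )
			{
				$t_post_state = stripslashes( $t_post_state );
				$t_post_receiver = stripslashes( $t_post_receiver );
			}
			$resolver = mysql_real_escape_string( current_user_get_field( 'username' ) );

			$qrsql = mysql_query("SELECT * FROM mantis_care_report_table WHERE id=$id");
			while ($row = mysql_fetch_array($qrsql))
			{
				# history field name => ( stored value, posted value )
				$t_changes = array(
					'state' => array( $row['state'], $t_post_state ),
					'assignto' => array( $row['receiver'], $t_post_receiver ),
				);
				foreach ( $t_changes as $field_name => $t_pair )
				{
					if ( $t_pair[1] != $t_pair[0] )
					{
						$old_value = mysql_real_escape_string( $t_pair[0] );
						$new_value = mysql_real_escape_string( $t_pair[1] );
						$last_updated = time();
						# The `type` column is written empty, as before ($type was never assigned).
						mysql_query("insert into `mantis_care_history_table` 
						(user_id, cid, field_name, type, old_value, new_value, date_modified) 
						values('$resolver','$id','$field_name','','$old_value','$new_value','$last_updated')");
					}
				}
			}

			# Update the report's state; anything outside the known set is ignored.
			if ( in_array( $t_post_state, array( 'complete', 'move', 'monitor', 'recall' ), true ) )
			{
				mysql_query("UPDATE `mantis_care_report_table` SET `state` = '$t_post_state' WHERE `id` ='$id'");
			}
			
			# Update the next receiver; the form's placeholder value 'em' means "nobody".
			$re = ( $t_post_receiver != 'em' ) ? $t_post_receiver : '';
			mysql_query("UPDATE `mantis_care_report_table` SET `receiver` = '".mysql_real_escape_string( $re )."' WHERE `id` ='$id'");

			header("location: /$header/view_care_report.php?do=view&id=$id");
			echo  "<div align=center><br><a href='my_customer_page.php?do=viewall'>[LIST]</a> | <a href='logout_page.php'>[Logout]</a></div></td></tr></table></DIV>";
		}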
		
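		# "edo" branch: either show the edit form for a report (POST edit=edit) or
		# delete the report (POST del=del).
		#
		# What changed and why:
		#  - the report id is forced to an integer before it reaches the SELECT, the
		#    MAX() lookup, the DELETE and the form's action attribute;
		#  - every stored value is HTML-escaped before being printed into the page or
		#    into an input's value attribute;
		#  - the textareas are filled with the stored text itself, not nl2br() output,
		#    which used to write "<br />" into the record on every save;
		#  - a failed lookup no longer prints mysql_error() to the browser.
		# NOTE(review): the delete below runs for any authenticated user and without
		# an anti-CSRF token; no access-level check is visible in this file.
		if ($do == 'edo')
		{
			$id = (int) $id;

			# Edit the report
			if (isset($_POST['edit']) && $_POST['edit'] == 'edit')
				{
					echo '<table border=1 cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100%> 
						<tr>
							<td>  <b>Viewing Detail report</b> [ Print Reports ]  [ CSV Export ]  [ Excel Export ]<br><br>    
								<table border=1 bordercolor=white cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100% bgcolor=#CECEFF class=ttt>  
									<tr>
										<td width=10%>ID</td>
										<td width=15%>Category</td>
										<td width=15%>Chuyên mục</td>
										<td width=15%>Trạng thái</td>
										<td width=15%>Start support</td>
										<td width=15%>Date start </td>
										<td width=15%>Last update </td>
									</tr>			
								';
					# Load the report row to pre-fill the form.
					$sql = mysql_query("SELECT * FROM mantis_care_report_table WHERE id=$id");
					while ($row = mysql_fetch_array($sql))
					{
						$id	= (int) $row['id'];
						$spcode	= htmlspecialchars($row['spcode'], ENT_QUOTES, 'UTF-8');
						$name = htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8');
						$phone = htmlspecialchars($row['phone'], ENT_QUOTES, 'UTF-8');
						$email = htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8');
						$address = htmlspecialchars($row['address'], ENT_QUOTES, 'UTF-8');
						$serial = htmlspecialchars($row['serial'], ENT_QUOTES, 'UTF-8');
						$lo = htmlspecialchars($row['lo'], ENT_QUOTES, 'UTF-8');
						$state = htmlspecialchars($row['state'], ENT_QUOTES, 'UTF-8');
						$confirm = htmlspecialchars($row['confirm'], ENT_QUOTES, 'UTF-8');
						$process = htmlspecialchars($row['process'], ENT_QUOTES, 'UTF-8');
						$receiver = htmlspecialchars($row['receiver'], ENT_QUOTES, 'UTF-8');
						$carer = htmlspecialchars($row['carer'], ENT_QUOTES, 'UTF-8');
						$start_time = (date("d-m-Y H:i",$row['start_time']));

						# CSS class for the state cell: "com" for complete, "mo" for move, otherwise none.
						$t_state_class = '';
						if ($state == 'complete') { $t_state_class = 'com'; }
						if ($state == 'move') { $t_state_class = 'mo'; }
						
						# Report summary row plus the category / status selectors.
						echo '
										<tr><form name="addnote" action="?do=epost&id='.$id.'" method="post">
											<td bgcolor=#E8E8E8>'.$id.'</td>
											<td bgcolor=#E8E8E8> 
												<Select name="object">
												<option value =incomming>Gọi đến</option>
												<option value =outgoing>Gọi đi chăm sóc</option>
												<option value =1900>Dịch vụ 1900</option>
												</select></td>
											<td bgcolor=#E8E8E8>
												<Select name="status">
												<option value =virus>Dính virus</option>
												<option value =using>Cách sử dụng sản phẩm</option>
												<option value =ProductError>Lỗi sản phẩm</option>
												<option value =License>Liên quan đến bản quyền</option>
												<option value =ComputerError>Sự cố máy tính</option>
												<option value =CallError>Máy bận/Không liên lạc được/SĐT sai</option>
												<option value =nopro>Không gặp vấn đề gì</option>
												<option value =other>Các vấn đề khác</option>
												</select></td>
											<td width=10% class="'.$t_state_class.'">'.$state.'</td>
											<td bgcolor=#E8E8E8>'.$carer.'</td>
											<td bgcolor=#E8E8E8>'.$start_time.'</td>';
						
						# Time of the most recent note on this report.
						$query = "SELECT MAX(last_updated) FROM mantis_carenote_table WHERE cid=$id"; 
						$result = mysql_query($query) or die('Database error');

						while($t_max_row = mysql_fetch_array($result))
						{
							$last_updated = (date("d-m-Y H:i",$t_max_row['MAX(last_updated)']));
							echo '	<td bgcolor=#E8E8E8>'.$last_updated.'</td>';
						}					
						echo '</tr>			
									</table>
									<br>	
									
									<table border=1 style="border: 1px solid black; float: left; width: 49%; height: 1em; border-collapse:collapse" class=ttt> 
									<tr><td width=20%><b>Mã khách hàng</td><td bgcolor=#FFD5BF><input name="spcode" type="spcode" value="'.$spcode.'"></td></tr>
									<tr><td><b>Name</td><td bgcolor=#FFD5BF><input name="name" type="name" value="'.$name.'"></td></tr>
									<tr><td><b>Phone</td><td bgcolor=#FFD5BF><input name="phone" type="phone" value="'.$phone.'"></td></tr>
									<tr><td><b>Email</td><td bgcolor=#FFD5BF><input name="email" type="email" value="'.$email.'"></td></tr>
									<tr><td width=10%><b>Giới tính</td><td bgcolor=#FFD5BF>
									<Select name="sex">
										<option value =male>Male</option>
										<option value =female>Female</option>
										</select></td></tr>
									<tr><td width=10%><b>Địa chỉ</td><td bgcolor=#FFD5BF><input name="address" type="address" value="'.$address.'"></td></tr>
									<tr><td width=10%><b>Đối tượng</td><td bgcolor=#FFD5BF>
									<Select name="dt">
										<option value =user>Khách hàng cá nhân</option>
										<option value =agent>Đại lí</option>
										</select></td></tr>
									<tr><td width=10%><b>Serial/lô</td><td bgcolor=#FFD5BF>'.$serial.'/'.$lo.'</td></tr>
									</table>
									
									
									<table border=1 style="border: 1px solid black; float: right; width: 49%; height: 1em; border-collapse:collapse" class=ttt>
									<tr><td width=20%><b>Reporter</b></td><td bgcolor=#E8E8E8>'.$carer.'</td></tr>	
									<tr><td><b>Assigned To</b></td><td bgcolor=#E8E8E8>'.$receiver.'</td></tr>		
									<tr><td><b>Confirm</b></td><td bgcolor=#CACEC6>
									<textarea name="confirm" type="confirm" cols="50" rows="1">'.$confirm.'</textarea>
									</td></tr>
									<tr><td width=10%><b>Process</b></td><td bgcolor=#CACEC6>
									<textarea name="process" type="process" cols="50" rows="1">'.$process.'</textarea>
									</td></tr>
									</table><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>
									<input name="submit" type="submit" value="submit"></form>';
					}
				}
			
			# Delete the report
			if (isset($_POST['del']) && $_POST['del'] == 'del')
				{
					mysql_query("DELETE FROM `mantis_care_report_table` WHERE id ='$id' LIMIT 1");
					echo "Du lieu khach hang da bi xoa<br>";
					echo " Quay lai trang du lieu khach hang <a href='my_customer_page.php?do=viewall'>back</a> ";	
				}
		}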
		
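			# "epost" branch: save the edit form for report $id and log which customer
			# fields changed.
			#
			# What changed and why:
			#  - the report id is an integer and every posted value is escaped before it
			#    is placed in SQL (the original interpolated $_POST directly into the
			#    UPDATE and the history INSERTs);
			#  - the seven copy-pasted history blocks are one loop. That also fixes two
			#    slips in the copies: an e-mail change logged an unset variable as the
			#    new value, and the "city" entry was triggered by a change of spcode;
			#  - only fields that were actually posted are compared and written. The edit
			#    form has no serial, lo or city input, so the old code blanked serial and
			#    lo on every save;
			#  - slashes added by magic_quotes_gpc, where that setting is on, are removed
			#    before escaping so values are not escaped twice.
			# NOTE(review): sex and city are logged to history but, as before, are not in
			# the UPDATE's column list (neither is dt); confirm whether they should be saved.
			# NOTE(review): no access level is tested and no anti-CSRF token is verified.
			if ($do == 'epost')
				{
						$id = (int) $id;
						$t_strip = get_magic_quotes_gpc();
						$resolver = mysql_real_escape_string( current_user_get_field( 'username' ) );

						# Columns recorded in the history table when they change.
						$t_history_fields = array( 'spcode', 'name', 'phone', 'email', 'sex', 'address', 'city' );
						# Columns written back to the report row.
						$t_update_fields = array( 'spcode', 'name', 'phone', 'email', 'address', 'serial', 'lo', 'object', 'status', 'confirm', 'process' );

						# Collect the posted values once, as plain strings.
						$t_posted = array();
						foreach ( array_unique( array_merge( $t_history_fields, $t_update_fields ) ) as $t_field )
						{
							if ( isset( $_POST[$t_field] ) && is_string( $_POST[$t_field] ) )
							{
								$t_posted[$t_field] = $t_strip ? stripslashes( $_POST[$t_field] ) : $_POST[$t_field];
							}
						}

						# Compare against the stored row and log each difference.
						$qsql = mysql_query("SELECT * FROM mantis_care_report_table WHERE id=$id");
						while ($row = mysql_fetch_array($qsql))
						{
							foreach ( $t_history_fields as $field_name )
							{
								if ( !isset( $t_posted[$field_name] ) || $t_posted[$field_name] == $row[$field_name] )
								{
									continue;
								}
								$old_value = mysql_real_escape_string( $row[$field_name] );
								$new_value = mysql_real_escape_string( $t_posted[$field_name] );
								$last_updated = time();
								# The `type` column is written empty, as before ($type was never assigned).
								mysql_query("insert into `mantis_care_history_table` 
								(user_id, cid, field_name, type, old_value, new_value, date_modified) 
								values('$resolver','$id','$field_name','','$old_value','$new_value','$last_updated')");
							}
						}

						# Write the posted columns back. Column names come from the fixed list
						# above, never from the request.
						$t_set = array();
						foreach ( $t_update_fields as $t_field )
						{
							if ( isset( $t_posted[$t_field] ) )
							{
								$t_set[] = "`$t_field` = '".mysql_real_escape_string( $t_posted[$t_field] )."'";
							}
						}
						if ( count( $t_set ) > 0 )
						{
							mysql_query("UPDATE `mantis_care_report_table` 
							SET ".implode( ',', $t_set )."
							WHERE `id` ='$id'");
						}
						header("location: /$header/view_care_report.php?do=view&id=$id");
				}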
		
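		# "addnote" branch: store a supporter's reply on report $did and log that a
		# note was added.
		#
		# The note text is free-form user input and the id comes from the query
		# string; the original placed both directly into the INSERT statements. The
		# id is now an integer and the text is escaped. Slashes added by
		# magic_quotes_gpc, where that setting is on, are removed first so the note is
		# not stored with doubled escapes.
		# NOTE(review): the view page only offers this form for reports in state
		# move / monitor / recall, but nothing here re-checks the state, the caller's
		# access level or an anti-CSRF token.
		if ($do == 'addnote')
		{	
			$t_current_user_name = current_user_get_field( 'username' );

			$field_name = 'addnote';
			$did = ( isset( $_GET['id'] ) && is_scalar( $_GET['id'] ) ) ? (int) $_GET['id'] : 0;
			$note = ( isset( $_POST['note'] ) && is_string( $_POST['note'] ) ) ? $_POST['note'] : '';
			if ( get_magic_quotes_gpc() )
			{
				$note = stripslashes( $note );
			}
			$note = mysql_real_escape_string( $note );
			$resolver = mysql_real_escape_string( $t_current_user_name );
			$last_updated = time();
			mysql_query("
					insert into `mantis_carenote_table` 
					(cid, note, resolver, last_updated) 											
					values('$did','$note','$resolver','$last_updated')");
			# type, old_value and new_value are written empty, as before (none of them
			# is assigned on this code path).
			mysql_query("
					insert into `mantis_care_history_table` 
					(user_id, cid, field_name, type, old_value, new_value, date_modified) 											
					values('$resolver','$did','$field_name','','','','$last_updated')");
			header("location: /$header/view_care_report.php?do=view&id=$did");
		}		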
		
		//Viewing report detail
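		if ($do === 'rDetail')
		{
			# Read-only detail view of one care report: a summary row, the customer
			# and handling details, and the change history of the report.
			#
			# $id is set outside this block. It is URL-encoded where it goes into a
			# link and escaped where it goes into SQL. Every value read back from the
			# database is HTML-escaped before it is echoed, because the write handlers
			# store request data as submitted.
			echo  " <html>
					<head>
					<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
					<title>Seller management Systems</title>
					<link rel='stylesheet' href='css/default.css' type='text/css'>
					<title></title>
					</head>
					<body>
					<table border=1 cellspacing=0 cellpadding=0 style='border-collapse:collapse' width=100%>
						<tr>
							<td>  <b>Viewing Detail report</b> [ <a href='?do=rDetail&id=" . urlencode($id) . "'>Xem dạng kết xuất</a> ]<br><br>
								<table border=1 bordercolor=black cellspacing=0 cellpadding=0 style='border-collapse:collapse' width=100% bgcolor=#CECEFF class=ttt>
									<tr>
										<td width=10%>ID</td>
										<td width=15%>Category</td>
										<td width=15%>Chuyên mục</td>
										<td width=15%>Trạng thái</td>
										<td width=15%>Start support</td>
										<td width=15%>Date start </td>
										<td width=15%>Last update </td>
									</tr>
								";

			# Query the database for the customer / report record.
			$id = mysql_real_escape_string($id);
			$sql = mysql_query('SELECT * FROM mantis_care_report_table WHERE id="'.$id.'"');
			while ($t_report = mysql_fetch_array($sql))
			{
				$id = $t_report['id'];

				# HTML-escaped copies of every column that is printed below.
				$t_safe = array();
				$t_columns = array(
					'id', 'spcode', 'name', 'phone', 'email', 'sex', 'address', 'serial', 'lo',
					'dt', 'object', 'status', 'state', 'confirm', 'process', 'receiver', 'carer',
				);
				foreach ($t_columns as $t_col)
				{
					$t_safe[$t_col] = htmlspecialchars($t_report[$t_col], ENT_QUOTES, 'UTF-8');
				}
				# Escape first, then turn line breaks into <br> so only our own markup survives.
				$t_safe['confirm'] = nl2br($t_safe['confirm']);
				$t_safe['process'] = nl2br($t_safe['process']);
				$start_time = date("d-m-Y H:i", $t_report['start_time']);

				# Summary row of the report.
				echo '
					<tr>
						<td bgcolor=#E8E8E8>'.$t_safe['id'].'</td>
						<td bgcolor=#E8E8E8>'.$t_safe['object'].'</td>
						<td bgcolor=#E8E8E8>'.$t_safe['status'].'</td>
						<td width=10%  class="'.$t_safe['state'].'">'.$t_safe['state'].'</td>
						<td bgcolor=#E8E8E8>'.$t_safe['carer'].'</td>
						<td bgcolor=#E8E8E8>'.$start_time.'</td>';

				# Most recent note timestamp for this report.
				$id = mysql_real_escape_string($id);
				$query = mysql_query('SELECT MAX(last_updated) FROM mantis_carenote_table WHERE cid="'.$id.'"');
				while ($t_max = mysql_fetch_array($query))
				{
					# The query selects only the aggregate, so that is the only column read.
					$last_updated = date("d-m-Y H:i", $t_max['MAX(last_updated)']);
					echo '	<td bgcolor=#E8E8E8>'.$last_updated.'</td>';
				}

				echo '</tr>
					</table>
					<br>

					<table border=1 style="border: 1px solid black; float: left; width: 49%; height: 1em; border-collapse:collapse" class=ttt>
					<tr><td width=5%><b>SupportCode</td><td bgcolor=#FFD5BF>'.$t_safe['spcode'].'</td></tr>
					<tr><td width=5%><b>Name</td><td bgcolor=#FFD5BF>'.$t_safe['name'].'</td></tr>
					<tr><td width=5%><b>Phone</td><td bgcolor=#FFD5BF>'.$t_safe['phone'].'</td></tr>
					<tr><td width=10%><b>Email</td><td bgcolor=#FFD5BF>'.$t_safe['email'].'</td></tr>
					<tr><td width=10%><b>Giới tính</td><td bgcolor=#FFD5BF>'.$t_safe['sex'].'</td></tr>
					<tr><td width=10%><b>Địa chỉ</td><td bgcolor=#FFD5BF>'.$t_safe['address'].'</td></tr>
					<tr><td width=10%><b>Đối tượng</td><td bgcolor=#FFD5BF>'.$t_safe['dt'].'</td></tr>
					<tr><td width=10%><b>Serial/lô</td><td bgcolor=#FFD5BF>'.$t_safe['serial'].'/'.$t_safe['lo'].'</td></tr>
					</table>
					<table border=1 style="border: 1px solid black; float: right; width: 49%; height: 1em; border-collapse:collapse" class=ttt>
					<tr><td width=10%><b>Reporter</b></td><td bgcolor=#E8E8E8>'.$t_safe['carer'].'</td></tr>
					<tr><td width=10%><b>Assigned To</b></td><td bgcolor=#E8E8E8>'.$t_safe['receiver'].'</td></tr>
					<tr><td width=10%><b>Confirm</b></td><td bgcolor=#CACEC6>'.$t_safe['confirm'].'</td></tr>
					<tr><td width=10%><b>Process</b></td><td bgcolor=#CACEC6>'.$t_safe['process'].'</td></tr>
					</table><br><br><br><br><br><br><br><br><br><br><br>';

				# Change history of the report, printed with alternating row colours.
				$rDetailsql = mysql_query('SELECT  id, user_id, cid, field_name, type, old_value, new_value, from_unixtime(date_modified) FROM mantis_care_history_table WHERE cid="'.$id.'"');
				echo '
					<table border=0 style="border-collapse:collapse" width=100% class=ttt >
					<tr><td bgcolor=#CECEFF><b>Date modified</td><td bgcolor=#CECEFF><b>Username</td><td bgcolor=#CECEFF><b>Field</td><td bgcolor=#CECEFF><b>Change</td></tr>
					';
				$a = 1;
				while ($t_change = mysql_fetch_array($rDetailsql))
				{
					$dModified = htmlspecialchars($t_change['from_unixtime(date_modified)'], ENT_QUOTES, 'UTF-8');
					$username = htmlspecialchars($t_change['user_id'], ENT_QUOTES, 'UTF-8');
					$field_name = htmlspecialchars($t_change['field_name'], ENT_QUOTES, 'UTF-8');
					$old_value = htmlspecialchars($t_change['old_value'], ENT_QUOTES, 'UTF-8');
					$new_value = htmlspecialchars($t_change['new_value'], ENT_QUOTES, 'UTF-8');
					$sl = ($a % 2 == 0) ? '#E1E1E1' : 'white';
					echo '<tr>
					<td bgcolor='.$sl.'>'.$dModified.'</td>
					<td bgcolor='.$sl.'>'.$username.'</td>
					<td bgcolor='.$sl.'>'.$field_name.' </td>
					<td bgcolor='.$sl.'>'.$old_value.' => '.$new_value.'</td>
					</tr>';
					$a++;
				}
				echo '</table>';
			}
			echo "			</td>
						</tr>
					</table><br>
					</body>
					</html>";
		}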
		
#######################################################################################
#######################################################################################

		//Project care center
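		if ($do === 'viewpj')
		{
			# Project detail page: project data, the assignment/status form, attached
			# files, notes, the add-note form and the change history.
			#
			# $id is set outside this block. The id actually used for links and
			# follow-up queries is the one read back from the matching database row,
			# so request text never reaches HTML or SQL unescaped. Values loaded from
			# the database are HTML-escaped on output.
			echo "Trung tâm Kinh doanh dự án<br>
					================================================================================================
					<table border=0 cellspacing='3' cellpadding='0' width=100%>
								<tr>
									<td align='center'>[<a href='projectcenter.php?do=addcare'>Add care</a>]
									| [<a href='projectcenter.php?do=viewall'>View all</a>]
									| [<a href='projectcenter.php?do=creport'>Xuất báo cáo</a>]
									| [<a href='coogle.php'>Search</a>]
									</td>
								</tr>
					</table>";
			$id = mysql_real_escape_string($id);
			$sql = mysql_query('SELECT * FROM mantis_projectcenter_table WHERE id="'.$id.'"');
			$rqRC = mysql_fetch_array($sql);
			if ($rqRC['id'] == 0){echo '<b>Thông tin khách hàng này không tồn tại. <a href=/'.$header.'/projectcenter.php>Quay lại<a/>!';}
			else
			{
			# Id of the row that matched, in the two forms needed below.
			$t_pjcare_id = $rqRC['id'];
			$u_pid = urlencode($t_pjcare_id);
			$q_pid = mysql_real_escape_string($t_pjcare_id);

			echo '<div><form name="modify" action="?do=edopj&id='.$u_pid.'" method="post">
					<button type="edit" name="edit" value="edit" style="height:25px;width:100px;">Edit</button>
					<button type="del" name="del" value="del" style="height:25px;width:100px;">Del</button>
					</form></div>';
			echo  " <html>
					<head>
					<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
					<title>Seller management Systems</title>
					<link rel='stylesheet' href='css/default.css' type='text/css'>
					<title></title>
					</head>
					<body>
					<table border=1 cellspacing=0 cellpadding=0 style='border-collapse:collapse' width=100%>
					<tr><td>
					<table border=1 bordercolor=black cellspacing=0 cellpadding=0 style='border-collapse:collapse' width=100% bgcolor=#CECEFF class=ttt>";

			# Query the database for the project / customer record.
			$sql = mysql_query('SELECT * FROM mantis_projectcenter_table WHERE id="'.$q_pid.'"');
			while ($row = mysql_fetch_array($sql))
			{
				$i++;
				$id = $row['id'];
				$ctname = $row['ctname'];
				$ctphone = $row['ctphone'];
				$ctmst = $row['ctmst'];
				$ctbank = $row['ctbank'];
				$ctaddress = $row['ctaddress'];
				$city = $row['city'];
				$area = $row['area'];

				$nMan = $row['nMan'];
				$pMan = $row['pMan'];
				$eMan = $row['eMan'];
				$ctype = $row['ctype'];
				$cdoanhso = $row['cdoanhso'];
				$cstatus = $row['cstatus'];
				$cpk = $row['cpk'];
				$tserver = $row['tserver'];
				$tclient = $row['tclient'];

				$assignto = $row['assignto'];
				$csupport = $row['csupport'];

				$confirm = $row['confirm'];
				$process = $row['process'];
				$receiver = $row['receiver'];
				$carer = $row['carer'];
				$time = date("H:i:s, d-m-Y");
				$start_time = (date("Y-m-d H:i:s",$row['start_time']));

				# Most recent note timestamp for this project.
				$id = mysql_real_escape_string($id);
				$query = mysql_query('SELECT from_unixtime(MAX(last_updated)) FROM mantis_project_note_table WHERE pid="'.$id.'"');
				while ($t_max = mysql_fetch_array($query))
				{$last_updated = $t_max['from_unixtime(MAX(last_updated))'];}

				# The raw variables above are left untouched for this include.
				# NOTE(review): $rcpk, $cls and $ptc are not assigned in this block and are
				# presumably set by changeinfo.php; they are printed as-is below — confirm
				# that the include never passes database text through unescaped.
				include('changeinfo.php');

				# HTML-escaped copies, taken after the include so they reflect the values
				# the original markup printed.
				$t_safe = array();
				$t_printed = compact(
					'ctname', 'ctphone', 'ctmst', 'ctbank', 'ctaddress', 'city', 'area',
					'nMan', 'pMan', 'eMan', 'ctype', 'cstatus', 'cpk', 'tserver', 'tclient',
					'assignto', 'csupport', 'start_time', 'last_updated'
				);
				foreach ($t_printed as $t_key => $t_value)
				{
					$t_safe[$t_key] = htmlspecialchars($t_value, ENT_QUOTES, 'UTF-8');
				}

				echo '
				<table style="border: 1px solid black; float: left;margin-right:10px; width: 49%; height: 1em; border-collapse:collapse" class=ttt>
				<tr><td width=30%><b>Tên doanh nghiệp</td><td>'.$t_safe['ctname'].'</td></tr>
				<tr><td><b>Điện thoại liên hệ</td><td>'.$t_safe['ctphone'].'</td></tr>
				<tr><td><b>Mã số thuế</td><td>'.$t_safe['ctmst'].'</td></tr>
				<tr><td><b>Ngân hàng</td><td>'.$t_safe['ctbank'].'</td></tr>
				<tr><td><b>Địa chỉ</td><td>'.$t_safe['ctaddress'].'</td></tr>
				<tr><td><b>Tỉnh/TP</td><td>'.$t_safe['city'].' [Khu vực: <b>'.$t_safe['area'].'</b>]</td></tr>
				<tr><td><b>Phân khúc thị trường</td><td>'.$rcpk.' [<b>'.$t_safe['ctype'].']</td></tr>
				<tr><td><b>Server/Client</td><td>'.$t_safe['tserver'].'/'.$t_safe['tclient'].'</td></tr>
				</table>
				<table style="border: 1px solid black; width: 50%; height: 1em; border-collapse:collapse" class=ttt>
				<tr><td width=30%><b>Người đại diện</td><td>'.$t_safe['nMan'].'</td></tr>
				<tr><td><b>Mobile</td><td>'.$t_safe['pMan'].'</td></tr>
				<tr><td><b>Email liên hệ</td><td>'.$t_safe['eMan'].'</td></tr>
				<tr><td><b>Assign to [Sale]</td><td>'.$t_safe['assignto'].'</td></tr>
				<tr><td><b>Phụ trách kĩ thuật dự án</b></td><td valign=top><b>'.$t_safe['csupport'].'</td></tr>
				<tr><td><b>Trạng thái dự án</b></td><td valign=top class='.$cls.'><b>'.$ptc.'</td></tr>
				<tr><td><b>sTime</b></td><td valign=top>'.$t_safe['start_time'].'</td></tr>
				<tr><td><b>uTime</b></td><td valign=top>'.$t_safe['last_updated'].'</td></tr>
				</table><br>
				<form name="modify" action="?do=modpj&id='.$u_pid.'" method="post">
				Assign to => <Select name="assignto" style="border: 1px solid #CCCCCC;height:22px;">
				<option value="'.$t_safe['assignto'].'">'.$t_safe['assignto'].'</option>';

				# Attribute values are quoted as well as escaped: an unquoted value ends
				# at the first space and lets stored text add attributes of its own.
				$req = mysql_query("select username from `mantis_user_table` where access_level='40'");
				while ($t_user = mysql_fetch_array($req))
				{
					if ($t_user['username'] != $seller)
					{
						$t_username = htmlspecialchars($t_user['username'], ENT_QUOTES, 'UTF-8');
						echo'<option value="'.$t_username.'">'.$t_username.'</option>';
					}
				}
				echo '</select>
				Kĩ thuật phụ trách => <Select name="csupport"  style="border: 1px solid #CCCCCC;height:22px;">
				<option value="'.$t_safe['csupport'].'">'.$t_safe['csupport'].'</option>
				<option value =hungdv>Đào Việt Hùng</option>
				<option value =sonln>Lê Ngọc Sơn</option>
				<option value =hoangth>Trần Huy Hoàng</option>
				</select><br>
				Status to =>
				<Select name="cstatus" style="border: 1px solid #CCCCCC;height:22px;">
				<option value="'.$t_safe['cstatus'].'">'.$t_safe['cstatus'].'</option>
				<option value=tiepcan>Tiếp cận</option>
				<option value=khaosat>Khảo sát</option>
				<option value=dauthau>Đầu thầu</option>
				<option value=kihopdong>Kí hợp đồng</option>
				<option value=dangtrienkhai>Đang triển khai</option>
				<option value=nghiemthu>Nghiệm thu</option>
				<option value=closedwin>ClosedWin</option>
				<option value=closedlost>ClosedLost</option>
				</select>

				Phân khúc thị trường =><Select name="cpk" style="border: 1px solid #CCCCCC;height:22px;">
				<option value="'.$t_safe['cpk'].'">'.$t_safe['cpk'].'</option>
				<option value =bank>Ngân hàng/ Chứng khoán/ Bảo hiểm</option>
				<option value =nntw>Khối Nhà Nước TW</option>
				<option value =nnt>Khối Nhà Nước Tỉnh</option>
				<option value =anninh>Khối An Ninh - Quốc Phòng</option>
				<option value =yte>Khối Y Tế</option>
				<option value =congnghiep>Khối Công nghiệp/Nhà máy</option>
				<option value =ttdulich>Khối Thông tin/Du lịch/Báo chí</option>
				<option value =cntt>Khối công ty CNNT</option>
				<option value =telco>Khối Telco (Viễn Thông)</option>
				<option value =nangluong>Khối Năng Lượng</option>
				</select>

				Trạng thái khách hàng => <Select name="ctype" style="border: 1px solid #CCCCCC;height:22px;">
				<option value="'.$t_safe['ctype'].'">'.$t_safe['ctype'].'</option>
				<option value=kt1>KT1</option>
				<option value=kt2>KT2</option>
				<option value=kt3>KT3</option>
				</select>
				<input type=submit name=submit value=submit>
				</form>';
			}
			echo '</td></tr></table><br>
			<table border=1 cellpadding=0 cellspacing=0 style="border-collapse:collapse" width=100%><tr><td>
			<table border=0 cellpadding=0 cellspacing=0 style="border-collapse:collapse" width=100%>
			<tr><td width=20%>Thông tin chính dự án</td><td>'.htmlspecialchars($confirm, ENT_QUOTES, 'UTF-8').'</td></tr>
			<tr><td>Phân tích/đánh giá</td><td>'.htmlspecialchars($process, ENT_QUOTES, 'UTF-8').'</td></tr>
			</table></td></tr></table><br>';

			echo '<form action="?do=uploadp&id='.$u_pid.'" method="post" enctype="multipart/form-data">
			<table border=1 cellpadding=0 cellspacing=0 style="border-collapse:collapse" width=100%><tr><td>
			<table border=0 cellpadding=0 cellspacing=0 style="border-collapse:collapse" width=100% bgcolor=#CECEFF>
			<tr><td width=20%>Select File<br>(Maximum size: 5,000k)</td></td><td>
			<input type="file"  name="ufile" /> <input type="submit" value="Upload file" /></td></tr>
			</table></td></tr></table></form><br>';

			# List the files attached to this project.
			echo '<table border=1 cellpadding=0 cellspacing=0 style="border-collapse:collapse" width=100% class=ttt><tr><td>
					<b>Attached Files [A]<br><br>
					<table border=0 cellpadding=0 cellspacing=0 style="border-collapse:collapse" width=100% bgcolor=#CECEFF>
					<tr><td width=20%><b>Filename</td><td><b>Date added</td><td><b>User_id</td><td><b>Download/View on site</td></tr>';
			$sqlfUp = mysql_query('SELECT  id,filename,file_type,filesize,from_unixtime(date_added), care_id, user_id,folder, new_file_name, pjcare_id FROM mantis_care_file_table
			WHERE pjcare_id="'.$q_pid.'"');
			$b = 1;
			while ($t_file = mysql_fetch_array($sqlfUp))
			{
				$filename = htmlspecialchars($t_file['filename'], ENT_QUOTES, 'UTF-8');
				$date_added = htmlspecialchars($t_file['from_unixtime(date_added)'], ENT_QUOTES, 'UTF-8');
				$user_id = htmlspecialchars($t_file['user_id'], ENT_QUOTES, 'UTF-8');
				# NOTE(review): $folder is not assigned in this block although the query
				# selects `folder` and `new_file_name`; the link target is whatever $folder
				# holds from elsewhere — confirm the intended download URL. Escaping keeps
				# the value inside the attribute but does not validate its URL scheme.
				$url = ''.$folder;
				echo '<tr><td>'. $filename.'</td><td>'.$date_added.'</td><td>'.$user_id.'</td><td>
				<a href="'.htmlspecialchars($url, ENT_QUOTES, 'UTF-8').'">Download</a></td></tr>';
				$b++;
			}
			echo '</table></td></tr></table></form><br>';

			# Notes recorded on the project by the supporters, with their timestamps.
			$pjnote = mysql_query('SELECT id,pid,note,resolver,from_unixtime(last_updated) FROM mantis_project_note_table WHERE pid="'.$q_pid.'"');
			while ($t_note = mysql_fetch_array($pjnote))
			{
				# Escape first, then convert line breaks, so only the <br> tags are markup.
				$note = nl2br(htmlspecialchars($t_note['note'], ENT_QUOTES, 'UTF-8'));
				$resolver = htmlspecialchars($t_note['resolver'], ENT_QUOTES, 'UTF-8');
				$last_updated = htmlspecialchars($t_note['from_unixtime(last_updated)'], ENT_QUOTES, 'UTF-8');
				echo '
				<table border=1 cellspacing=0 cellpadding=0 style="border-collapse:collapse; margin-bottom:3px;" width=100%>
				<tr><td>
				<table border=1 bordercolor=white cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100% bgcolor=#CECEFF class=ttt>
				<tr>
				<td width=20% valign=top><b>'.$resolver.'</b><br>'.$last_updated.'</b><br>
				<td valign=top bgcolor=white>'.$note.'</td>
				</tr>
				</table>
				</td></tr></table>';
			}
			# The original re-read the raw query-string id at this point and used it in
			# the form action and the history query below; the id of the matched row is
			# used instead.
			$id = $t_pjcare_id;

			# Form for adding a note to the project.
			echo '<br><form name="addnotepj" action="?do=addnotepj&id='.$u_pid.'" method="post">
				<table border=1 cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100%>
					<tr><td>
							<table border=1 bordercolor=white cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100% bgcolor=#CECEFF>
								<tr>
									<td width=20% valign=top><b>Note</b></td>
									<td width=80% align=left><textarea name="note" type="note" cols="110" rows="7"></textarea></td>
								</tr>
							</table>
							<input name="submit" type="submit" value="Add note">
						</td>
					</tr>
				</table></form><br>';

			# Change history of the project.
			$rpDetailsql = mysql_query('SELECT id, user_id, pid, field_name, type, old_value, new_value, from_unixtime(date_modified)
					FROM mantis_project_history_table WHERE pid="'.$q_pid.'"');
			echo '
			<table border=1 style="border-collapse:collapse" width=100% class=ttt ><tr><td>
			<table border=0 style="border-collapse:collapse" width=100% class=ttt >
			<tr><td bgcolor=#CECEFF><b>Date modified</td><td bgcolor=#CECEFF><b>Username</td><td bgcolor=#CECEFF><b>Field</td><td bgcolor=#CECEFF><b>Change</td></tr>
			';
			$a=1;
			while ($t_change = mysql_fetch_array($rpDetailsql))
			{
				$dModified = htmlspecialchars($t_change['from_unixtime(date_modified)'], ENT_QUOTES, 'UTF-8');
				$username = htmlspecialchars($t_change['user_id'], ENT_QUOTES, 'UTF-8');
				$field_name = htmlspecialchars($t_change['field_name'], ENT_QUOTES, 'UTF-8');
				$old_value = htmlspecialchars($t_change['old_value'], ENT_QUOTES, 'UTF-8');
				$new_value = htmlspecialchars($t_change['new_value'], ENT_QUOTES, 'UTF-8');
				echo '<tr><td>'.$dModified.'</td>
				<td>'.$username.'</td>
				<td>'.$field_name.' </td>
				<td>'.$old_value.' => '.$new_value.'</td></tr>';
				$a++;
			}
			echo '</table></td></tr></table>';
			echo '
					</body>
					</html>';
			}

		}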
		
		
//Edit project
		#Modify ~ Edit, del, assign to,...
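		if ($do === 'modpj')
		{
			# Handler for the assignment/status form of a project: records one history
			# row per changed field, then writes the new values to the project row.
			#
			# Request values keep their original variable names; only escaped copies
			# reach SQL text, and the id is URL-encoded before it goes into the redirect.
			#
			# NOTE(review): no form token or access-level check is visible in this
			# handler — confirm who is meant to be able to reassign projects and whether
			# the form should carry an anti-CSRF token.
			$pid = isset($_GET['id']) ? $_GET['id'] : '';
			$passignto = isset($_POST['assignto']) ? $_POST['assignto'] : null;
			$psupport = isset($_POST['csupport']) ? $_POST['csupport'] : null;
			$pstatus = isset($_POST['cstatus']) ? $_POST['cstatus'] : null;
			$cpk = isset($_POST['cpk']) ? $_POST['cpk'] : null;
			$ctype = isset($_POST['ctype']) ? $_POST['ctype'] : null;

			$q_pid = mysql_real_escape_string($pid);
			$pjsql = mysql_query("SELECT * FROM mantis_projectcenter_table WHERE `id` ='$q_pid'");
			while ($row = mysql_fetch_array($pjsql))
			{
				$rassignto = $row['assignto'];
				$rstatus = $row['cstatus'];
				$rsupport = $row['csupport'];
				$rcpk = $row['cpk'];
				$rctype = $row['ctype'];
				$type = 'project';

				# history field name => array(stored value, submitted value), in the order
				# the history rows are written.
				$t_changes = array(
					'assignto' => array($rassignto, $passignto),
					'status' => array($rstatus, $pstatus),
					'csupport' => array($rsupport, $psupport),
					'cpk' => array($rcpk, $cpk),
					'ctype' => array($rctype, $ctype),
				);
				$useradd = current_user_get_field( 'username' );
				$q_useradd = mysql_real_escape_string($useradd);
				$q_type = mysql_real_escape_string($type);

				foreach ($t_changes as $field_name => $t_pair)
				{
					list($old_value, $new_value) = $t_pair;
					# Loose comparison is kept so a field counts as changed exactly when it
					# did before.
					if ($old_value == $new_value)
					{
						continue;
					}
					$time = date("H:i:s, d-m-Y");
					$last_updated = time();
					$q_field_name = mysql_real_escape_string($field_name);
					$q_old_value = mysql_real_escape_string($old_value);
					$q_new_value = mysql_real_escape_string($new_value);
					$q_last_updated = (int) $last_updated;
					mysql_query("insert into `mantis_project_history_table`
					(user_id, pid, field_name, type, old_value, new_value, date_modified)
					values('$q_useradd','$q_pid','$q_field_name','$q_type','$q_old_value','$q_new_value','$q_last_updated')");
				}
			}

			$q_assignto = mysql_real_escape_string($passignto);
			$q_support = mysql_real_escape_string($psupport);
			$q_status = mysql_real_escape_string($pstatus);
			$q_cpk = mysql_real_escape_string($cpk);
			$q_ctype = mysql_real_escape_string($ctype);
			mysql_query("UPDATE `mantis_projectcenter_table`
			SET `assignto` = '$q_assignto', `csupport` = '$q_support',`cstatus` = '$q_status',`cpk` = '$q_cpk',`ctype` = '$q_ctype'
			WHERE `id` ='$q_pid'");

			# Update the next receiver of the report.
			# NOTE(review): this writes to `mantis_care_report_table` using the project id.
			# The project form rendered by the viewpj branch of this file has no `receiver`
			# field, in which case this blanks the receiver of the care report that shares
			# the id — looks like a leftover from the care-report handler; confirm before
			# keeping it.
			$re = isset($_POST['receiver']) ? $_POST['receiver'] : null;
			$id = $pid;
			$q_receiver = ($re != 'em') ? mysql_real_escape_string($re) : '';
			mysql_query("UPDATE `mantis_care_report_table` SET `receiver` = '$q_receiver' WHERE `id` ='$q_pid'");
			header("location: /$header/view_care_report.php?do=viewpj&id=" . urlencode($id));

			echo  "<div align=center><br><a href='my_customer_page.php?do=viewall'>[LIST]</a> | <a href='logout_page.php'>[Logout]</a></div></td></tr></table></DIV>";
		}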
		
		#Edit, del 
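		if ($do === 'edopj')
		{
			# Handles the Edit / Del buttons of the project page. $id is set outside
			# this block; it is escaped and quoted wherever it enters SQL.

			# Edit: print the project's current data in an editable form.
			if (isset($_POST['edit']) && $_POST['edit'] === 'edit')
			{
				echo '<table border=1 cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100%>
					<tr>
						<td>
							<table border=1 bordercolor=white cellspacing=0 cellpadding=0 style="border-collapse:collapse" width=100% bgcolor=#CECEFF class=ttt>
							';
				# Query the database for the project / customer record. The original put
				# $id into the statement without quotes or escaping.
				$sql = mysql_query("SELECT * FROM mantis_projectcenter_table WHERE id='" . mysql_real_escape_string($id) . "'");
				while ($row = mysql_fetch_array($sql))
				{
					$i++;
					$id = $row['id'];
					$ctname = $row['ctname'];
					$ctphone = $row['ctphone'];
					$ctmst = $row['ctmst'];
					$ctbank = $row['ctbank'];
					$ctaddress = $row['ctaddress'];
					$city = $row['city'];
					$area = $row['area'];

					$nMan = $row['nMan'];
					$pMan = $row['pMan'];
					$eMan = $row['eMan'];
					$tserver = $row['tserver'];
					$tclient = $row['tclient'];

					$object = $row['object'];
					$status = $row['status'];
					$state = $row['itemtype'];
					$confirm = $row['confirm'];
					$process = $row['process'];
					$receiver = $row['receiver'];
					$csupport = $row['csupport'];
					$time = date("H:i:s, d-m-Y");
					$start_time = (date("d-m-Y H:i:s",$row['start_time']));

					# HTML-escaped copies for the form: stored text must not be able to close
					# a value="..." attribute or a <textarea>.
					$t_safe = array();
					$t_printed = compact(
						'ctname', 'ctphone', 'ctmst', 'ctbank', 'ctaddress', 'city', 'area',
						'nMan', 'pMan', 'eMan', 'tserver', 'tclient', 'csupport', 'confirm', 'process'
					);
					foreach ($t_printed as $t_key => $t_value)
					{
						$t_safe[$t_key] = htmlspecialchars($t_value, ENT_QUOTES, 'UTF-8');
					}

					# Editable project data.
					echo '<form name="epost" action="?do=epostpj&id='.urlencode($id).'" method="post">
					<table border=0 style="border: 1px solid black; float: left; width: 49%; height: 1em; border-collapse:collapse" class=ttt>
					<tr><td width=20%><b>Tên doanh nghiệp</td><td>
					<input name="ctname" type="ctname" value="'.$t_safe['ctname'].'" style="width:300px;"></td></tr>
					<tr><td><b>Điện thoại liên hệ</td><td><input name="ctphone" type="ctphone" value="'.$t_safe['ctphone'].'"></td></tr>
					<tr><td><b>Mã số thuế</td><td><input name="ctmst" type="ctmst" value="'.$t_safe['ctmst'].'" style="width:300px;"></td></tr>
					<tr><td><b>Ngân hàng</td><td><input name="ctbank" type="ctbank" value="'.$t_safe['ctbank'].'" style="width:300px;"></td></tr>
					<tr><td><b>Địa chỉ</td><td><input name="ctaddress" type="ctaddress" value="'.$t_safe['ctaddress'].'" style="width:300px;"></td></tr>
					<tr><td ><b>Tỉnh/TP</td><td><input name="city" type="city" value="'.$t_safe['city'].'">';
					echo ' - <Select name="area">
							<option value="'.$t_safe['area'].'">'.$t_safe['area'].'</option>
							<option value =mienbac>Dự án Miền Bắc</option>
							<option value =mientrung>Dự án Miền Trung</option>
							<option value =miennam>Dự án Miền Nam</option>
							</select>
					</td></tr>
					<tr><td ><b>Server/Client</td><td>
					<input name="tserver" type="tserver" value="'.$t_safe['tserver'].'" style="width:20px;"> -
					<input name="tclient" type="tclient" value="'.$t_safe['tclient'].'" style="width:20px;">
					</td></tr>
					</table>
					<table border=1 style="border: 1px solid black; float: right; width: 50%; height: 1em; border-collapse:collapse" class=ttt>
					<tr><td width=30%><b>Người đại diện</b></td><td bgcolor=#E8E8E8>
					<input name="nMan" type="nMan" value="'.$t_safe['nMan'].'" style="width:300px;"></td></tr>
					<tr><td><b>Mobile</b></td><td bgcolor=#E8E8E8>
					<input name="pMan" type="pMan" value="'.$t_safe['pMan'].'"></td></tr>
					<tr><td><b>Email liên hệ</b></td><td bgcolor=#E8E8E8>
					<input name="eMan" type="eMan" value="'.$t_safe['eMan'].'" style="width:300px;"></td></tr>
					<tr><td><b>Kĩ thuật phụ trách</b></td><td bgcolor=#E8E8E8>'.$t_safe['csupport'].'</td></tr>
					<tr><td><b>Thông tin chung dự án</b></td><td bgcolor=#CACEC6>
					<textarea name="confirm" type="confirm" cols="55" rows="1">'.$t_safe['confirm'].'</textarea></td></tr>
					<tr><td><b>Phân tích/Đánh giá</b></td><td bgcolor=#CACEC6>
					<textarea name="process" type="process" cols="55" rows="1">'.$t_safe['process'].'</textarea></td></tr>
					</table><br><br><br><br><br><br><br><br><br><br><br><br><br><br>
					<input name="submit" type="submit" value="submit"></form>';
				}
			}

			# Delete: remove the project together with its notes, history and file rows.
			# NOTE(review): no access-level check or form token is visible in this
			# handler — confirm that every user who can reach this page is meant to be
			# able to delete projects, and whether the form should carry an anti-CSRF
			# token.
			if (isset($_POST['del']) && $_POST['del'] === 'del')
			{
				$q_id = mysql_real_escape_string($id);
				mysql_query("DELETE FROM `mantis_projectcenter_table` WHERE id ='$q_id'");
				mysql_query("DELETE FROM `mantis_project_note_table` WHERE pid ='$q_id'");
				mysql_query("DELETE FROM `mantis_project_history_table` WHERE pid ='$q_id'");
				mysql_query("DELETE FROM `mantis_care_file_table` WHERE pjcare_id ='$q_id'");
				header("location: /$header/projectcenter.php?do=viewall");
			}
		}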
		
			#Update thông tin khách hàng
			if ($do == epostpj)
				{
						$seller = $t_current_user_name;
						//send information from form
						$ctname = $_POST['ctname'];
						$ctphone = $_POST['ctphone'];
						$ctmst = $_POST['ctmst'];
						$ctbank = $_POST['ctbank'];
						$ctaddress = $_POST['ctaddress'];
						$city = $_POST['city'];
						$area = $_POST['area'];
						
						$nMan = $_POST['nMan'];
						$pMan = $_POST['pMan'];
						$eMan = $_POST['eMan'];
						$tserver = $_POST['tserver'];
						$tclient = $_POST['tclient'];
						
						$object = $_POST['object'];
						$status = $_POST['status'];
						$state = $_POST['itemtype'];
						$confirm = $_POST['confirm'];
						$process = $_POST['process'];
						$receiver = $_POST['receiver'];
						$time = date("H:i:s, d-m-Y");
						$start_time = time();
						
						$qsql = mysql_query("SELECT * FROM mantis_projectcenter_table WHERE id=$id");
								While ($row = mysql_fetch_array($qsql))
								{
									$id = $row['id'];
									$qctname = $row['ctname'];
									$qctphone = $row['ctphone'];
									$qctmst = $row['ctmst'];
									$qctbank = $row['ctbank'];
									$qctaddress = $row['ctaddress'];
									$qcity = $row['city'];
									$qarea = $row['area'];
									
									$qnMan = $row['nMan'];
									$qpMan = $row['pMan'];
									$qeMan = $row['eMan'];
									$qtserver = $row['tserver'];
									$qtclient = $row['tclient'];
									
									$qobject = $row['object'];
									$qstatus = $row['status'];
									$qstate = $row['itemtype'];
									$qconfirm = $row['confirm'];
									$qprocess = $row['process'];
									$qreceiver = $row['receiver'];
									$qcarer = $row['carer'];
									$time = date("H:i:s, d-m-Y");
									$start_time = (date("d-m-Y H:i:s",$row['start_time']));
									
									//Change tên doanh nghiệp
									if ($ctname != $qctname)
									{
										$t_current_user_name = current_user_get_field( 'username' );
										$field_name = 'ctname';
										#send information from form
										$did = $_GET['id'];
										$note = $_POST['note'];
										$resolver = $t_current_user_name;
										$time = date("H:i:s, d-m-Y");
										$old_value = $qctname;
										$new_value = $ctname;
										$last_updated = time();
											mysql_query("insert into `mantis_project_history_table` 
											(user_id, pid, field_name, type, old_value, new_value, date_modified) 
											values('$resolver','$did','$field_name','$type','$old_value','$new_value','$last_updated')");
									}
									//Change số điện thoại doanh nghiệp
									if ($ctphone != $qctphone)
									{
										$t_current_user_name = current_user_get_field( 'username' );
										$field_name = 'ctphone';
										#send information from form
										$did = $_GET['id'];
										$note = $_POST['note'];
										$resolver = $t_current_user_name;
										$time = date("H:i:s, d-m-Y");
										$old_value = $qctphone;
										$new_value = $ctphone;
										$last_updated = time();
											mysql_query("insert into `mantis_project_history_table` 
											(user_id, pid, field_name, type, old_value, new_value, date_modified) 
											values('$resolver','$did','$field_name','$type','$old_value','$new_value','$last_updated')");
									}
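									// Audit trail for the remaining project-centre fields: one row is
									// written to mantis_project_history_table for every field whose new
									// value differs from the old one. The $q* variables are used as the
									// old value and the unprefixed ones as the new value; both are set
									// before this point (presumably stored vs. submitted - confirm).
									//
									// Each field is logged under its own name: pMan changes are recorded
									// as 'pMan' (not 'nMan'), process changes as 'process' (not
									// 'confirm'), and the tserver row takes its old value from $qtserver,
									// the same variable its change test uses.
									//
									// Every value is escaped before it is placed in the SQL text: pid
									// comes straight from $_GET['id'], and the old/new values are free
									// text that may contain quotes.
									// NOTE(review): escaping here assumes the values arrive unescaped
									// (magic_quotes_gpc off, no escaping earlier in the file) - confirm,
									// otherwise stored text would be escaped twice.
									$t_tracked_fields = array(
										'mst'     => array( $qctmst, $ctmst ),         // tax code
										'bank'    => array( $qctbank, $ctbank ),       // bank
										'address' => array( $qctaddress, $ctaddress ), // company address
										'city'    => array( $qcity, $city ),           // city
										'nMan'    => array( $qnMan, $nMan ),           // representative
										'area'    => array( $qarea, $area ),           // region
										'pMan'    => array( $qpMan, $pMan ),           // representative's phone number
										'eMan'    => array( $qeMan, $eMan ),           // representative's e-mail
										'tserver' => array( $qtserver, $tserver ),     // number of servers
										'tclient' => array( $qtclient, $tclient ),     // number of clients
										'confirm' => array( $qconfirm, $confirm ),     // feedback
										'process' => array( $qprocess, $process ),     // handling status
									);

									$t_current_user_name = current_user_get_field( 'username' );
									$resolver = $t_current_user_name;
									// request input - untrusted
									$did = isset( $_GET['id'] ) ? $_GET['id'] : '';

									foreach ( $t_tracked_fields as $field_name => $t_values ) {
										list( $old_value, $new_value ) = $t_values;

										// loose comparison kept on purpose so the same set of changes
										// is logged as before
										if ( $new_value != $old_value ) {
											$last_updated = time();
											// $type is set earlier in this branch (outside this run of statements)
											$t_row = array_map(
												'mysql_real_escape_string',
												array( $resolver, $did, $field_name, $type, $old_value, $new_value, $last_updated )
											);
											mysql_query( "insert into `mantis_project_history_table` "
												. "(user_id, pid, field_name, type, old_value, new_value, date_modified) "
												. "values('" . implode( "','", $t_row ) . "')" );
										}
									}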
								}							
						
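						# Store the project-centre values in mantis_projectcenter_table for row
						# $id, then redirect the browser to the project view.
						#
						# Each value is escaped before it is placed in the statement, so a quote in
						# any field can neither break the query nor change its meaning.
						# NOTE(review): assumes the values arrive unescaped (magic_quotes_gpc off,
						# no escaping earlier in the file) - confirm. Where $id and $header come
						# from is not visible here; if either is taken from the request it needs
						# validating at that point.
						$t_columns = array(
							'ctname'    => $ctname,
							'ctphone'   => $ctphone,
							'ctmst'     => $ctmst,
							'ctbank'    => $ctbank,
							'ctaddress' => $ctaddress,
							'city'      => $city,
							'area'      => $area,
							'nMan'      => $nMan,
							'pMan'      => $pMan,
							'eMan'      => $eMan,
							'tserver'   => $tserver,
							'tclient'   => $tclient,
							'confirm'   => $confirm,
							'process'   => $process,
						);

						$t_assignments = array();
						foreach ( $t_columns as $t_column => $t_value ) {
							$t_assignments[] = "`$t_column` = '" . mysql_real_escape_string( $t_value ) . "'";
						}

						mysql_query( "UPDATE `mantis_projectcenter_table` SET " . implode( ', ', $t_assignments )
							. " WHERE `id` = '" . mysql_real_escape_string( $id ) . "'" );

						# the id is URL-encoded so it cannot add parameters or header content
						header( "location: /$header/view_care_report.php?do=viewpj&id=" . rawurlencode( $id ) );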
				}
		
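		# Add a handling note to a project (used when a report is received from another
		# supporter): inserts the note into mantis_project_note_table, records an
		# 'addnote' row in mantis_project_history_table, then redirects to the project view.
		#
		# The project id (GET) and the note text (POST) are request input, so every
		# value is escaped before it is placed in the SQL text and the id is
		# URL-encoded in the redirect.
		# NOTE(review): escaping assumes the request values arrive unescaped
		# (magic_quotes_gpc off) - confirm. This is a state-changing action and no
		# form-token (CSRF) or access-level check is visible in this branch - confirm
		# one runs earlier in the file.
		if ($do == 'addnotepj')
		{
			$t_current_user_name = current_user_get_field( 'username' );

			$type = 'project';
			$field_name = 'addnote';

			# request input - untrusted
			$did = isset( $_GET['id'] ) ? $_GET['id'] : '';
			$note = isset( $_POST['note'] ) ? $_POST['note'] : '';

			$resolver = $t_current_user_name;
			$last_updated = time();

			# This branch does not assign old/new values itself; keep whatever is
			# already set and fall back to an empty string.
			$old_value = isset( $old_value ) ? $old_value : '';
			$new_value = isset( $new_value ) ? $new_value : '';

			$t_note_row = array_map(
				'mysql_real_escape_string',
				array( $did, $note, $resolver, $last_updated )
			);
			mysql_query( "insert into `mantis_project_note_table` "
				. "(pid, note, resolver, last_updated) "
				. "values('" . implode( "','", $t_note_row ) . "')" );

			$t_history_row = array_map(
				'mysql_real_escape_string',
				array( $resolver, $did, $field_name, $type, $old_value, $new_value, $last_updated )
			);
			mysql_query( "insert into `mantis_project_history_table` "
				. "(user_id, pid, field_name, type, old_value, new_value, date_modified) "
				. "values('" . implode( "','", $t_history_row ) . "')" );

			header( "location: /$header/view_care_report.php?do=viewpj&id=" . rawurlencode( $did ) );
		}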
		
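		# Attach an uploaded file (log, screenshot) to a project-care record: the file
		# is stored under upload/ with a server-generated name, a row describing it is
		# written to mantis_care_file_table, and the browser is redirected to the
		# project view.
		#
		# Security-relevant behaviour:
		#  - the stored name is generated on the server; the client-supplied name is
		#    kept only as a label in the database and never becomes part of the path.
		#    (The path was previously built from $theFileName before this branch
		#    assigned it; that variable is no longer read for the path.)
		#  - the file is taken from $_FILES and moved with move_uploaded_file(),
		#    which only accepts files that arrived as an HTTP upload
		#  - an existing file is never overwritten on a name collision
		#  - every value written to the database is escaped
		# NOTE(review): there is still no size cap or type allow-list here, and the
		# MIME type is stored exactly as the client reported it. Make sure upload/ is
		# served as static data only (no script execution), and escape the stored
		# file name when it is displayed. No form-token (CSRF) or access-level check
		# is visible in this branch - confirm one runs earlier in the file.
		if ($do == 'uploadp')
		{
			# request input - untrusted
			$id = isset( $_GET['id'] ) ? $_GET['id'] : '';
			$t_current_user_name = current_user_get_field( 'username' );

			$t_upload = isset( $_FILES['ufile'] ) ? $_FILES['ufile'] : null;

			# as long as a file was selected...
			if ( $t_upload !== null && $t_upload['error'] != UPLOAD_ERR_NO_FILE )
			{
				# Server-generated name. rand() is not a cryptographic generator, so
				# the name must not be treated as a secret.
				do {
					$random_digit = rand( 0, 99999999999999 );
					$new_file_name = (string) $random_digit;
					$path = "upload/" . $new_file_name;
				} while ( file_exists( $path ) );

				if ( $t_upload['error'] == UPLOAD_ERR_OK && move_uploaded_file( $t_upload['tmp_name'], $path ) )
				{
					# client-supplied name, kept as a label only
					$theFileName = $t_upload['name'];

					# size in bytes as measured by PHP
					$theFileSize = $t_upload['size'];

					# MIME type as sent by the client - not verified
					$theFileType = $t_upload['type'];

					if ( $theFileSize > 999999 ) {
						# larger than 999 KB: display as MB, one decimal place
						$theDiv = $theFileSize / 1000000;
						$theFileSize = round( $theDiv, 1 ) . " MB";
					} else {
						# otherwise display as KB, one decimal place
						$theDiv = $theFileSize / 1000;
						$theFileSize = round( $theDiv, 1 ) . " KB";
					}

					$pjcare_id = $id;
					$user_id = $t_current_user_name;
					$date_added = time();
					# $care_id is not assigned in this branch; keep it if already set
					$care_id = isset( $care_id ) ? $care_id : '';

					$t_row = array_map(
						'mysql_real_escape_string',
						array( $theFileName, $theFileType, $theFileSize, $date_added, $care_id, $pjcare_id, $user_id, $path, $new_file_name )
					);
					mysql_query( "insert into `mantis_care_file_table` "
						. "(filename,file_type,filesize,date_added,care_id, pjcare_id, user_id, folder, new_file_name) "
						. "values ('" . implode( "','", $t_row ) . "')" );
				}
				else
				{
					# the file could not be stored (upload error or move failure)
					echo '
				<table cellpadding="5" width="80%">
				<tr>
				<td align="Center" colspan="2"><font color="#C80000"><b>File could not be uploaded</b></font></td>
				</tr></table>';
				}
			}

			header( "location: /$header/view_care_report.php?do=viewpj&id=" . rawurlencode( $id ) );
		}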
		
		?>
					</td>
				</tr>
			</table>
</div>

<?php
	# End of the page; presumably renders the MantisBT page footer, as the counterpart
	# of the html_page_top1()/html_page_top2() calls at the top of this script.
	html_page_bottom();
